using PowerManage.API.Auth;

namespace PowerManage.API.Extensions;

/// <summary>
/// 跨域相关扩展
/// </summary>
public static class CorsOriginsExtension
{
    /// <summary>
    /// 跨域相关配置
    /// </summary>
    /// <param name="builder"></param>
    /// <param name="pMAllowSpecificOrigins"></param>
    public static void AddPowerManageCorsOrigins(this WebApplicationBuilder builder, string pMAllowSpecificOrigins)
    {
        //跨域配置  配置 CORS（跨源资源共享）策略
        var corsOrigins = builder.Configuration.GetSection(AppSettings.CorsOrigins).Value;
        builder.Services.AddCors(m => m.AddPolicy(pMAllowSpecificOrigins,
            // 允许所有来源      _ => true 表示任何来源都被允许
            // c => c.SetIsOriginAllowed(_ => true).AllowAnyMethod().AllowAnyHeader().AllowCredentials()));
            //允许指定的来源进行跨域请求，并支持所有 HTTP 方法、请求头和凭据
            c => c.WithOrigins(corsOrigins.Split(",", StringSplitOptions.RemoveEmptyEntries)).AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials()));
    }
}